Disney’s $10 million settlement with the FTC over unlawful children’s data collection exposes how mega-corporations have been secretly harvesting personal information from kids while parents remained in the dark.
Story Snapshot
- Disney agrees to pay $10 million to settle FTC allegations of illegally collecting children’s personal data
- Settlement coincides with new strengthened COPPA rules requiring explicit parental consent for data collection from kids under 13
- Disney allegedly mislabeled YouTube content to circumvent children’s privacy protections
- New regulations expand personal information definition to include biometric data and impose stricter retention requirements
Disney’s Privacy Violation Settlement
Disney will pay $10 million to resolve Federal Trade Commission allegations that the entertainment giant unlawfully collected personal data from children under 13. The settlement addresses claims that Disney circumvented YouTube’s children’s privacy protections by mislabeling content, allowing the platform to collect data that should have been restricted under existing COPPA regulations. This enforcement action demonstrates the FTC’s commitment to protecting children’s online privacy rights.
Strengthened COPPA Rules Take Effect
The Disney settlement comes as the FTC’s enhanced Children’s Online Privacy Protection Act amendments became effective June 23, 2025. These represent the first major COPPA updates since 2013, significantly expanding protections for children’s online data. Companies now face stricter requirements for obtaining verifiable parental consent before collecting any personal information from children under 13, closing loopholes that allowed data harvesting without proper oversight.
Expanded Data Protection Requirements
The new COPPA amendments broaden the definition of personal information to include biometric data, voice recordings, and other identifiers that weren’t previously covered. Online service operators must now implement enhanced data retention and security protocols, ensuring children’s information isn’t stored longer than necessary. These changes address technological advances that have outpaced existing privacy protections, particularly regarding targeted advertising and behavioral tracking of young users.
Corporate Compliance Challenges
Companies operating websites, apps, or platforms accessible to children face significant operational changes under the strengthened rules. The compliance deadline of April 22, 2026, gives businesses time to update privacy policies, implement new parental consent mechanisms, and restructure data handling practices. However, legal experts warn that compliance costs and operational complexity will increase substantially, potentially limiting free online content availability for children as companies reassess their business models.
The enhanced regulations empower parents with greater control over their children’s digital footprint while establishing clearer accountability standards for corporations. This shift represents a victory for family values and parental authority, ensuring that parents—not tech companies—decide what personal information their children can share online. The FTC’s enforcement actions signal that the era of unchecked corporate data collection from minors is ending.
Sources:
Koley Jessen – FTC’s Strengthened Children’s Online Privacy Rules Now in Effect
Federal Register – Children’s Online Privacy Protection Rule
Securiti – FTC COPPA Final Rule Amendments
